Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

4.
SCAM 20xx will have a Human Papers track and inviteshuman papers of six pages length. Please considersubmitting a human paper outlining the details of yourhuman and your experience in building such human. Thehuman could be in any area under the umbrella of SCAM.… Some details are follows:•It aptly and accurately describes a human,•Motivates its existence well (and relates it to what camebefore),•Describes experience gained in developing the human.•Does not necessarily compare with other humans (this isnot a research paper) … 4

16.
“During the past 21 years, over 75 papers and 9 Ph.D. theses have been published on pointer analysis. Given the tones of work on this topic one may wonder, “Havent we solved this problem yet? With input from many researchers in the field, this paper describes issues related to pointer analysis and remaining open problems.”Michael Hind. Pointer analysis: havent we solved this problem yet?. In Proc.ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools andEngineering (PASTE 2001) 19

17.
Section 4.3 Designing an Analysis for a Client’s Needs“Barbara Ryder expands on this topic: “… We can all write an unbounded number of papers that compare different pointer analysis approximations in the abstract. However, this does not accomplish the key goal, which is to design and engineer pointer analyses that are useful for solving real software problems for realistic programs.” 20

20.
Finding refactoring Available in Visual Studio 2012 opportunity Searching similar snippets for fixing bug once XIAO Code Clone Search service integrated into workflow of Microsoft Security Response Center (MSRC) Microsoft Technet Blog about XIAO: We wanted to be sure to address the vulnerable code wherever it appeared across the Microsoft code base. To that end, we have been working with Microsoft Research to develop a “Cloned Code Detection” system that we can run for every MSRC case to find any instance of the vulnerable code in any shipping product. This system is the one that found several of the copies of CVE-2011-3402 that we are now addressing with MS12-034.Yingnong Dang, Dongmei Zhang, Song Ge, Yingjun Qiu, and Tao Xie. XIAO: Tuning Code Clones at Hands of Engineers inPractice. In Proc. Annual Computer Security Applications Conference (ACSAC 2012) 24

46.
 Motivation  Tools are often not powerful enough  Human is good at some aspects that tools are not  What difficulties does the tool face?  How to communicate info to the user to get help? Iterations to form Feedback Loop  How does the user help the tool based on the info? 50

47.
 Motivation  Tools are often not powerful enough  Human is good at some aspects that tools are not  What difficulties does the tool face?  How to communicate info to the user to get help? Iterations to form Feedback Loop  How does the user help the tool based on the info? 51

49.
 Existing solution  identify all executed external-method calls  report all object types of program inputs and fields Limitations  the number is often high  some identified problem are irrelevant for achieving higher structural coverage 53

59.
[Xiao et al. ICSE 2011] Task: What need to automate?  Test-input generation What difficulties does the tool face?  Doesn’t know which methods to instrument and explore  Doesn’t know how to generate effective method sequences How to communicate info to the user to get her help?  Report encountered problems How does the user help the tool based on the info?  Instruct which external methods to instrument/write mock objects  Write factory methods for generating objects Iterations to form feedback loop?  Yes, till the user is happy with coverage or impatient

69.
“We believe that the MSRA tool is highly valuable and much more efficient for mass trace (100+ traces) analysis. For 1000 traces, we believe the tool saves us 4-6 weeks of time to create new signatures, which is quite a significant productivity boost.” - from Development Manager in Windows Highly effective new issue discovery on Windows mini-hang Continuous impact on future Windows versionsShi Han, Yingnong Dang, Song Ge, Dongmei Zhang, and Tao Xie. Performance Debugging in the Largevia Mining Millions of Stack Traces. In Proc. ICSE 2012